FireEye Global Study Finds 100 Percent of Retail, 91 Percent of Entertainment and Media Organizations Breached in Trial
New Analysis of Defense-in-Depth Architectures from Companies Around the World Reveals Growth in Advanced Attacks and Continued Security Gaps
MILPITAS, CA – January 8, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today released the report “Maginot Revisited: More Real-World Results from Real-World Tests.” “Maginot Revisited” is the second study of global companies’ defense-in-depth architectures to be made publicly available and takes a new look at the advanced attacks that targeted over 1,200 organizations during their real-world testing with FireEye. With a unique point to observe how existing security products perform in detecting advanced threats, the study concludes that signature-based firewalls, intrusion prevention systems (IPS), Web gateways, sandboxes, and anti-virus (AV) solutions – and various combinations of those tools – allowed about 27 percent of companies to be breached by advanced attacks.
“Maginot Line” and “Maginot Revisited” employ a first-of-their-kind approach to assessing the threat-readiness of today’s enterprises. The studies collect and evaluate security alerts that have bypassed organizations’ existing, active security solutions. These alerts encompass both attacks consistent with advanced persistent threat (APT) actors as well as commodity attacks that other, existing solutions should address. For “Maginot Revisited,” 1,214 businesses took part in this study from January 2014 to June 2014, installing FireEye technologies behind all other security solutions to test their efficacy.
“As we have seen over the last year, when just one advanced attack slips past the existing defenses of companies, it can have both a costly and debilitating impact that takes months to repair,” said Dave DeWalt, chairman of the board and CEO, FireEye. “The results of our Maginot studies clearly show that there are gaps in the way many global businesses are secured, opening the door for aggressive threat actors to conduct anything from state-sponsored espionage to cybercrime.”
Key findings from “Maginot Revisited” include:
- 100 percent of Retail organizations involved in the study were breached, with 17 percent of breaches consistent with advanced threats.
- 91 percent of Entertainment and Media organizations were breached during the study, with 18 percent of breaches consistent with advanced threats.
- 100 percent of participants in the Agriculture, Auto/Transportation, Education, and Healthcare/Pharmaceutical industries were breached during the study.
- Over one-fourth (27 percent) of all organizations experienced breaches known to be consistent with tools and tactics used by advanced persistent threat (APT) actors.
- The Aerospace/Defense industry was the most secure of the study, with 76 percent of organizations involved being compromised.
In addition, “Maginot Revisited” offers an in-depth analysis from FireEye Intelligence on what threats are most prevalent in the retail industry today. FireEye Senior Threat Intelligence Researcher Nart Villeneuve provides a look at the top retail-targeted malwares, their capabilities, and their histories, to help retail network defenders bolster their systems.
A full version of the report can be found here: “Maginot Revisited: More Real-World Results from Real-World Tests."
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,700 customers across 67 countries, including over 157 of the Fortune 500.
© 2015 FireEye, Inc. All rights reserved. FireEye is a registered trademark or trademark of FireEye, Inc. in the United States and other countries.
Vitor De Souza